mirrored from https://www.bouncycastle.org/repositories/bc-csharp
-
Notifications
You must be signed in to change notification settings - Fork 602
Expand file tree
/
Copy pathKeyTransRecipientInformation.cs
More file actions
128 lines (111 loc) · 4.05 KB
/
Copy pathKeyTransRecipientInformation.cs
File metadata and controls
128 lines (111 loc) · 4.05 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
using System;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;
namespace Org.BouncyCastle.Cms
{
/**
* the KeyTransRecipientInformation class for a recipient who has been sent a secret
* key encrypted using their public key that needs to be used to
* extract the message.
*/
public class KeyTransRecipientInformation
: RecipientInformation
{
private readonly KeyTransRecipientInfo m_info;
internal KeyTransRecipientInformation(KeyTransRecipientInfo info, CmsSecureReadable secureReadable)
: base(info.KeyEncryptionAlgorithm, secureReadable)
{
this.rid = new RecipientID();
m_info = info;
RecipientIdentifier r = info.RecipientIdentifier;
try
{
if (r.IsTagged)
{
var subjectKeyIdentifier = SubjectKeyIdentifier.GetInstance(r.ID);
rid.SubjectKeyIdentifier = subjectKeyIdentifier.GetEncoded(Asn1Encodable.Der);
}
else
{
var issuerAndSerialNumber = IssuerAndSerialNumber.GetInstance(r.ID);
rid.Issuer = issuerAndSerialNumber.Issuer;
rid.SerialNumber = issuerAndSerialNumber.SerialNumber.Value;
}
}
catch (IOException)
{
throw new ArgumentException("invalid rid in KeyTransRecipientInformation");
}
}
private string GetExchangeEncryptionAlgorithmName(AlgorithmIdentifier algID)
{
var algOid = algID.Algorithm;
if (Asn1.Pkcs.PkcsObjectIdentifiers.RsaEncryption.Equals(algOid))
{
return "RSA//PKCS1Padding";
}
else if (Asn1.Pkcs.PkcsObjectIdentifiers.IdRsaesOaep.Equals(algOid))
{
var rsaesOaepParameters = Asn1.Pkcs.RsaesOaepParameters.GetInstance(algID.Parameters);
var digestName = DigestUtilities.GetAlgorithmName(rsaesOaepParameters.HashAlgorithm.Algorithm);
return "RSA//OAEPWITH" + digestName + "ANDMGF1Padding";
}
return algOid.GetID();
}
internal KeyParameter UnwrapKey(ICipherParameters key)
{
byte[] encryptedKey = m_info.EncryptedKey.GetOctets();
try
{
if (Asn1.Pkcs.PkcsObjectIdentifiers.IdRsaesOaep.Equals(keyEncAlg.Algorithm))
{
IKeyUnwrapper keyWrapper = new Asn1KeyUnwrapper(keyEncAlg.Algorithm, keyEncAlg.Parameters, key);
return ParameterUtilities.CreateKeyParameter(
GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length).Collect());
}
else
{
string keyExchangeAlgorithm = GetExchangeEncryptionAlgorithmName(keyEncAlg);
IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyExchangeAlgorithm);
keyWrapper.Init(false, key);
// FIXME Support for MAC algorithm parameters similar to cipher parameters
return ParameterUtilities.CreateKeyParameter(
GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length));
}
}
catch (SecurityUtilityException e)
{
throw new CmsException("couldn't create cipher.", e);
}
catch (InvalidKeyException e)
{
throw new CmsException("key invalid in message.", e);
}
// catch (IllegalBlockSizeException e)
catch (DataLengthException e)
{
throw new CmsException("illegal blocksize in message.", e);
}
// catch (BadPaddingException e)
catch (InvalidCipherTextException e)
{
throw new CmsException("bad padding in message.", e);
}
}
/**
* decrypt the content and return it as a byte array.
*/
public override CmsTypedStream GetContentStream(
ICipherParameters key)
{
KeyParameter sKey = UnwrapKey(key);
return GetContentFromSessionKey(sKey);
}
}
}